NEPAL STANDARDS ON AUDITING AUDIT SAMPLING AND OTHER SELECTIVE TESTING PROCEDURES

Transcription

1 NSA 09 NEPAL STANDARDS ON AUDITING AUDIT SAMPLING AND OTHER SELECTIVE TESTING PROCEDURES CONTENTS Paragraphs Introduction 1-5 Definitions 6-15 Audit Evidence Risk Considerations in Obtaining Evidence Procedures for obtaining Evidence 24 Selecting Items for Testing to Gather Audit Evidence Statistical versus Non-statistical Sampling Approaches Design of the Sample Sample Size Selecting the Sample Performing the Audit Procedure Nature and Cause of Errors Projecting Errors Evaluating the Sample Results Compliance with International Standards on Auditing 60 Effective Date 61 Appendix 1: Examples of Factors Influencing Sample Size for Test of Control Appendix 2: Examples of Factors Influencing Sample Size for Substantive Procedures Appendix 3: Sample Selection Methods This NSA is applicable in all material respects to Public Sector also. Introduction 1. The purpose of this Nepal Standard on Auditing (NSA) is to establish standards and provide guidance on the use of audit sampling procedures and other means of selecting items for testing to gather audit evidence. 2. This NSA is to be read in conjunction with the Preface to Nepal Standards on Auditing. 3. This NSA contains the basic principles and essential procedures (identified in bold type black lettering) together with related guidance in the form of explanatory and other material. NSA 09/final 1

2 4. This NSA needs only be applied to material matters. 5. When designing audit procedures, the auditor should determine appropriate means for selecting items for testing so as to gather audit evidence to meet the objectives of audit tests. Definitions 6. "Audit sampling" (sampling) involves the application of audit procedures to less than 100% of items within an account balance or class of transactions such that all sampling units have a chance of selection. This will enable the auditor to obtain and evaluate audit evidence about some characteristic of the items selected in order to form or assist in forming a conclusion concerning the population from which the sample is drawn. Audit sampling can use either a statistical or a non-statistical approach. 7. For purposes of this NSA, "error" means either control deviations, when performing tests of control, or misstatements, when performing substantive procedures. Similarly, total error is used to mean either the rate of deviation or total misstatement. 8. "Anomalous error" means an error that arises from an isolated event that has not recurred other than on specifically identifiable occasions and is therefore not representative of errors in the population. 9. "Population" means the entire set of data from which a sample is selected and about which the auditor wishes to draw conclusions. For example, all of the items in an account balance or a class of transactions constitute a population. A population may be divided into strata, or subpopulations, with each stratum being examined separately. The term population is used to include the term stratum. 10. "Sampling risk" arises from the possibility that the auditor's conclusion, based on a sample may be different from the conclusion reached if the entire population were subjected to the same audit procedure. There are two types of sampling risk: (a) (b) the risk the auditor will conclude, in the case of a test of control, that control risk is lower than it actually is, or in the case of a substantive test, that a material error does not exist when in fact it does. This type of risk affects audit effectiveness and is more likely to lead to an inappropriate audit opinion; and the risk the auditor will conclude, in the case of a test of control, that control risk is higher than it actually is, or in the case of a substantive test, that a material error exists when in fact it does not. This type of risk affects audit efficiency as it would usually lead to additional work to establish that initial conclusions were incorrect. The mathematical complements of these risks are termed confidence levels. 11. "Non-sampling risk" arises from factors that cause the auditor to reach an erroneous conclusion for any reason not related to the size of the sample. For example, most audit evidence is persuasive rather than conclusive, the auditor might use inappropriate procedures, or the auditor might misinterpret evidence and fail to recognise an error. NSA 09/final 2

3 12. "Sampling unit" means the individual items constituting a population, for example cheques listed on deposit slips, credit entries on bank statements, sales invoices or debtors' balances, or a monetary unit. 13. "Statistical sampling" means any approach to sampling that has the following characteristics: (a) (b) random selection of a sample; and use of probability theory to evaluate sample results, including measurement of sampling risk. A sampling approach that does not have characteristic (a) and (b) is considered nonstatistical sampling. 14. "Stratification" is the process of dividing a population into subpopulations, each of which is a group of sampling units which have similar characteristics (often monetary value). 15. "Tolerable error" means the maximum error in a population that the auditor is willing to accept. Audit Evidence 16. In accordance with NSA 04 "Audit Evidence", audit evidence is obtained from an appropriate mix of tests of control and substantive procedures. The type of test to be performed is important to an understanding of the application of audit procedures in gathering audit evidence. Tests of Control 17. "Risk Assessments" and "Internal Control" tests are performed if the auditor plans to assess control risk less than high for a particular assertion. 18. Based on the auditor's understanding of the accounting and internal control systems, the auditor identifies the characteristics or attributes that indicate performance of a control, as well as possible deviation conditions which indicate departures from adequate performance. The presence or absence of attributes can then be tested by the auditor. 19. Audit sampling for tests of control is generally appropriate when application of the control leaves evidence of performance (for example, initials of the credit manager on a sales invoice indicating credit approval, or evidence of authorisation of data input to a microcomputer based data processing system). Substantive Procedures 20. Substantive procedures are concerned with amounts and are of two types: analytical procedures and tests of details of transactions and balances. The purpose of substantive procedures is to obtain audit evidence to detect material misstatements in the financial statements. When performing substantive tests of details, audit sampling and other means of selecting items for testing and gathering audit evidence may be NSA 09/final 3

4 used to verify one or more assertions about a financial statement amount (for example, the existence of accounts receivable), or to make an independent estimate of some amount (for example, the value of obsolete inventories). Risk Considerations in Obtaining Evidence 21. In obtaining evidence, the auditor should use professional judgement to assess audit risk and design audit procedures to ensure this risk is reduced to an acceptably low level. 22. Audit risk is the risk that the auditor gives an inappropriate audit opinion when the financial statements are materially misstated. Audit risk consists of inherent risk - the susceptibility of an account balance to material misstatement, assuming there are no related internal controls; control risk - the risk that a material misstatement will not be prevented or detected and corrected on a timely basis by the accounting and internal control systems; and, detection risk - the risk that the material misstatements will not be detected by the auditor's substantive procedures. These three components of audit risk are considered during the planning process in the design of audit procedures in order to reduce audit risk to an acceptably low level. 23. Sampling risk and non-sampling risk can affect the components of audit risk. For example, when performing tests of control, the auditor may find no errors in a sample and conclude that control risk is low, when the rate of error in the population is, in fact, unacceptably high (sampling risk). Or there may be errors in the sample which the auditor fails to recognise (non-sampling risk). With respect to substantive procedures, the auditor may use a variety of methods to reduce detection risk to an acceptable level. Depending on their nature, these methods will be subject to sampling and/or non-sampling risks. For example, the auditor may choose an inappropriate analytical procedure (non-sampling risk) or may find only minor misstatements in a test of details when, in fact, the population misstatement is greater than the tolerable amount (sampling risk). For both tests of control and substantive tests, sampling risk can be reduced by increasing sample size, while non-sampling risk can be reduced by proper engagement planning, supervision, and review. Procedures for Obtaining Evidence 24. Procedures for obtaining audit evidence include inspection, observation, inquiry and confirmation, computation and analytical procedures. The choice of appropriate procedures is a matter of professional judgement in the circumstances. Application of these procedures will often involve the selection of items for testing from a population. Selecting Items for Testing to Gather Audit Evidence 25. When designing audit procedures, the auditor should determine appropriate means of selecting items for testing. The means available to the auditor are: (a) (b) (c) selecting all items (100% examination); selecting specific items; and audit sampling. NSA 09/final 4

5 26. The decision as to which approach to use will depend on the circumstances, and the application of any one or combination of the above means may be appropriate in particular circumstances. While the decision as to which means, or combination of means, to use is made on the basis of audit risk and audit efficiency, the auditor needs to be satisfied that methods used are effective in providing sufficient appropriate audit evidence to meet the objectives of the test. Selecting all items 27. The auditor may decide that it will be most appropriate to examine the entire population of items that make up an account balance or class of transactions (or a stratum within that population). 100% examination is unlikely in the case of tests of control; however, it is more common for substantive procedures. For example, 100% examination may be appropriate when the population constitutes a small number of large value items, when both inherent and control risks are high and other means do not provide sufficient appropriate audit evidence, or when the repetitive nature of a calculation or other process performed by a computer information system makes a 100% examination cost effective. Selecting Specific Items 28. The auditor may decide to select specific items from a population based on such factors as knowledge of the client's business, preliminary assessments of inherent and control risks, and the characteristics of the population being tested. The judgmental selection of specific items is subject to non-sampling risk. Specific items selected may include: High value or key items. The auditor may decide to select specific items within a population because they are of high value, or exhibit some other characteristic, for example items that are suspicious, unusual, particularly riskprone or that have a history of error. All items over a certain amount. The auditor may decide to examine items whose values exceed a certain amount so as to verify a large proportion of the total amount of an account balance or class of transactions. Items to obtain information. The auditor may examine items to obtain information about matters such as the client's business, the nature of transactions, accounting and internal control systems. Items to test procedures. The auditor may use judgement to select and examine specific items to determine whether or not a particular procedure is being performed. 29. While selective examination of specific items from an account balance or class of transactions will often be an efficient means of gathering audit evidence, it does not constitute audit sampling. The results of procedures applied to items selected in this way cannot be projected to the entire population. The auditor considers the need to obtain appropriate evidence regarding the remainder of the population when that remainder is material. NSA 09/final 5

6 Audit Sampling 30. The auditor may decide to apply audit sampling to an account balance or class of transactions. Audit sampling can be applied using either non-statistical or statistical sampling methods. Audit sampling is discussed in detail in paragraph 34 through 59. Statistical versus Non-Statistical Sampling Approaches 31. The decision whether to use a statistical or non-statistical sampling approach is a matter for the auditor's judgement regarding the most efficient manner to obtain sufficient appropriate audit evidence in the particular circumstances. For example, in the case of tests of control the auditor's analysis of the nature and cause of errors will often be more important than the statistical analysis of the mere presence or absence (that is, the count) of errors. In such a situation, non-statistical sampling may be most appropriate. 32. When applying statistical sampling, the sample size can be determined using either probability theory or professional judgement. Moreover, sample size is not a valid criterion to distinguish between statistical and non-statistical approaches. Sample size is a function of factors such as those identified in Appendices 1 and 2. When circumstances are similar, the effect on sample size of factors such as those identified in Appendices 1 and 2 will be similar regardless of whether a statistical or nonstatistical approach is chosen. 33. Often, while the approach adopted does not meet the definition of statistical sampling, elements of a statistical approach are used, for example the use of random selection using computer generated random numbers. However, only when the approach adopted has the characteristics of statistical sampling are statistical measurements of sampling risk valid. Design of the Sample 34. When designing an audit sample, the auditor should consider the objectives of the test and the attributes of the population from which the sample will be drawn. 35. The auditor first considers the specific objectives to be achieved and the combination of audit procedures which is likely to best achieve those objectives. Consideration of the nature of the audit evidence sought and possible error conditions or other characteristics relating to that audit evidence will assist the auditor in defining what constitutes an error and what population to use for sampling. 36. The auditor considers what conditions constitute an error by reference to the objectives of the test. A clear understanding of what constitutes an error is important to ensure that all, and only, those conditions that are relevant to the test objectives are included in the projection of errors. For example, in a substantive procedure relating to the existence of accounts receivable, such as confirmation, payments made by the customer before the confirmation date but received shortly after that date by the client are not considered an error. Also, a misposting between customer accounts does not affect the total accounts receivable balance. Therefore, it is not appropriate to consider this an error in evaluating the sample results of this particular procedure, even though NSA 09/final 6

7 it may have an important effect on other areas of the audit, such as the assessment of the likelihood of fraud or the adequacy of the allowance for doubtful accounts. 37. When performing tests of control, the auditor generally makes a preliminary assessment of the rate of error the auditor expects to find in the population to be tested and the level of control risk. This assessment is based on the auditor's prior knowledge or the examination of a small number of items from the population. Similarly, for substantive tests, the auditor generally makes a preliminary assessment of the amount of error in the population. These preliminary assessments are useful for designing an audit sample and in determining sample size. For example, if the expected rate of error is unacceptably high, tests of control will normally not be performed. However, when performing substantive procedures, if the expected amount of error is high, 100% examination or the use of a large sample size may be appropriate. Population 38. It is important for the auditor to ensure that the population is: (a) (b) Appropriate to the objective of the sampling procedure, which will include consideration of the direction of testing. For example, if the auditor's objective is to test for overstatement of accounts payable, the population could be defined as the accounts payable listing. On the other hand, when testing for understatement of accounts payable, the population is not the accounts payable listing but rather subsequent disbursements, unpaid invoices, suppliers' statements, unmatched receiving reports or other populations that provide audit evidence of understatement of accounts payable; and Complete. For example, if the auditor intends to select payment vouchers from a file, conclusions cannot be drawn about all vouchers for the period unless the auditor is satisfied that all vouchers have in fact been filed. Similarly, if the auditor intends to use the sample to draw conclusions about the operation of an accounting and internal control system during the financial reporting period, the population needs to include all relevant items from throughout the entire period. A different approach may be to stratify the population and use sampling only to draw conclusions about the control during, say, the first 10 months of a year, and to use alternative procedures or a separate sample regarding the remaining two months. Stratification 39. Audit efficiency may be improved if the auditor stratifies a population by dividing it into discrete sub-populations which have an identifying characteristic. The objective of stratification is to reduce the variability of items within each stratum and therefore allow sample size to be reduced without a proportional increase in sampling risk. Subpopulations need to be carefully defined such that any sampling unit can only belong to one stratum. 40. When performing substantive procedures, an account balance or class of transactions is often stratified by monetary value. This allows greater audit effort to be directed to the larger value items which may contain the greatest potential monetary error in terms of overstatement. Similarly, a population may be stratified according to a NSA 09/final 7

8 particular characteristic that indicates a higher risk of error, for example, when testing the valuation of accounts receivable, balances may be stratified by age. 41. The results of procedures applied to a sample of items within a stratum can only be projected to the items that make up that stratum. To draw a conclusion on the entire population, the auditor will need to consider risk and materiality in relation to whatever other strata make up the entire population. For example, 20% of the items in a population may make up 90% of the value of an account balance. The auditor may decide to examine a sample of these items. The auditor evaluates the results of this sample and reaches a conclusion on the 90% of value separately from the remaining 10% (on which a further sample or other means of gathering evidence will be used, or which may be considered immaterial). Value weighted selection 42. It will often be efficient in substantive testing, particularly when testing for overstatements, to identify the sampling unit as the individual monetary units (e.g., rupees) that make up an account balance or class of transactions. Having selected specific monetary units from within the population, for example, the accounts receivable balance, the auditor then examines the particular items, for example, individual balances, that contain those monetary units. This approach to defining the sampling unit ensures that audit effort is directed to the larger value items because they have a greater chance of selection, and can result in smaller sample sizes. This approach is ordinarily used in conjunction with the systematic method of sample selection (described in Appendix 3) and is most efficient when selecting from a computerised database. Sample Size 43. In determining the sample size, the auditor should consider whether sampling risk is reduced to an acceptably low level. Sample size is affected by the level of sampling risk that the auditor is willing to accept. The lower the risk the auditor is willing to accept, the greater the sample size will need to be. 44. The sample size can be determined by the application of a statistically-based formula or through the exercise of professional judgement objectively applied to the circumstances. Appendices 1 and 2 indicate the influences that various factors typically have on the determination of sample size, and hence the level of sampling risk. Selecting the Sample 45. The auditor should select items for the sample with the expectation that all sampling units in the population have a chance of selection. Statistical sampling requires that sample items are selected at random so that each sampling unit has a known chance of being selected. The sampling units might be physical items (such as invoices) or monetary units. With non-statistical sampling, an auditor uses professional judgement to select the items for a sample. Because the purpose of sampling is to draw conclusions about the entire population, the auditor endeavours to select a representative sample by choosing sample items which have characteristics typical of the population, and the sample needs to be selected so that bias is avoided. NSA 09/final 8

9 46. The principal methods of selecting samples are the use of random number tables or computer programs, systematic selection and haphazard selection. Each of these methods is discussed in Appendix 3. Performing the Audit Procedure 47. The auditor should perform audit procedures appropriate to the particular test objective on each item selected. 48. If a selected item is not appropriate for the application of the procedure, the procedure is ordinarily performed on a replacement item. For example, a voided cheque may be selected when testing for evidence of payment authorisation. If the auditor is satisfied that the cheque had been properly voided such that it does not constitute an error, an appropriately chosen replacement is examined. 49. Sometimes however, the auditor is unable to apply the planned audit procedures to a selected item because, for instance, documentation relating to that item has been lost. If suitable alternative procedures cannot be performed on that item, the auditor ordinarily considers that item to be in error. An example of a suitable alternative procedure might be the examination of subsequent receipts when no reply has been received in response to a positive confirmation request. Nature and Cause of Errors 50. The auditor should consider the sample results, the nature and cause of any errors identified, and their possible effect on the particular test objective and on other areas of the audit. 51. When conducting tests of control, the auditor is primarily concerned with the design and operation of the controls themselves and the assessment of control risk. However, when errors are identified, the auditor also needs to consider matters such as: (a) (b) the direct effect of identified errors on the financial statements; and the effectiveness of the accounting and internal control systems and their effect on the audit approach when, for example, the errors result from management override of an internal control. 52. In analysing the errors discovered, the auditor may observe that many have a common feature, for example, type of transaction, location, product line or period of time. In such circumstances, the auditor may decide to identify all items in the population that possess the common feature, and extend audit procedures in that stratum. In addition, such errors may be intentional, and may indicate the possibility of fraud. 53. Sometimes, the auditor may be able to establish that an error arises from an isolated event that has not recurred other than on specifically identifiable occasions and is therefore not representative of similar errors in the population (an anomalous error). To be considered an anomalous error, the auditor has to have a high degree of certainty that such error is not representative of the population. The auditor obtains this certainty by performing additional work. The additional work depends on the situation, but is adequate to provide the auditor with sufficient appropriate evidence that the error does not affect the remaining part of the population. One example is an NSA 09/final 9

10 error caused by a computer breakdown that is known to have occurred on only one day during the period. In that case, the auditor assesses the effect of the breakdown, for example by examining specific transactions processed on that day, and considers the effect of the cause of the breakdown on audit procedures and conclusions. Another example is an error that is found to be caused by use of an incorrect formula in calculating all inventory values at one particular branch. To establish that this is an anomalous error, the auditor needs to ensure the correct formula has been used at other branches. Projecting Errors 54. For substantive procedures, the auditor should project monetary errors found in the sample to the population, and should consider the effect of the projected error on the particular test objective and on other areas of the audit. The auditor projects the total error for the population to obtain a broad view of the scale of errors, and to compare this to the tolerable error. For substantive procedures, tolerable error is the tolerable misstatement, and will be an amount less than or equal to the auditor's preliminary estimate of materiality used for the individual account balances being audited. 55. When an error has been established as an anomalous error, it may be excluded when projecting sample errors to the population. The effect of any such error, if uncorrected, still needs to be considered in addition to the projection of the nonanomalous errors. If an account balance or class of transactions has been divided into strata, the error is projected for each stratum separately. Projected errors plus anomalous errors for each stratum are then combined when considering the possible effect of errors on the total account balance or class of transactions. 56. For tests of control, no explicit projection of errors is necessary since the sample error rate is also the projected rate of error for the population as a whole. Evaluating the Sample Results 57. The auditor should evaluate the sample results to determine whether the preliminary assessment of the relevant characteristic of the population is confirmed or needs to be revised. In the case of a test of controls, an unexpectedly high sample error rate may lead to an increase in the assessed level of control risk, unless further evidence substantiating the initial assessment is obtained. In the case of a substantive procedure, an unexpectedly high error amount in a sample may cause the auditor to believe that an account balance or class of transactions is materially misstated, in the absence of further evidence that no material misstatement exists. 58. If the total amount of projected error plus anomalous error is less than but close to that which the auditor deems tolerable, the auditor considers the persuasiveness of the sample results in the light of other audit procedures, and may consider it appropriate to obtain additional audit evidence. The total of projected error plus anomalous error is the auditor's best estimate of error in the population. However, sampling results are affected by sampling risk. Thus when the best estimate of errors is close to the tolerable error, the auditor recognises the risk that a different sample would result in a different best estimate that could exceed the tolerable error. Considering the results of other audit procedures helps the auditor to assess this risk, while the risk is reduced if additional audit evidence is obtained. NSA 09/final 10

11 59. If the evaluation of sample results indicates that the preliminary assessment of the relevant characteristic of the population needs to be revised, the auditor may: (a) (b) (c) request management to investigate identified errors and the potential for further errors, and to make any necessary adjustments; and/or modify planned audit procedures. For example, in the case of a test of control, the auditor might extend the sample size, test an alternative control or modify related substantive procedures; and/or consider the effect on the audit report. Compliance with International Standards on Auditing 60. Compliance with this NSA ensures compliance in all material respects with ISA 530 (Audit Sampling and Other Selective Testing Procedures). Effective Date 61. This Nepal Standard on Auditing becomes operative for the audit commencing on or after 01 Shrawan 2061 corresponding to 16 July Earlier application is encouraged. NSA 09/final 11

12 Appendix 1 Examples of Factors Influencing Sample Size for Tests of Control The following are factors that the auditor considers when determining the sample size for a test of control. These factors need to be considered together. FACTOR An increase in the auditor's intended reliance on accounting and internal control systems An increase in the rate of deviation from the prescribed control procedure that the auditor is willing to accept An increase in the rate of deviation from the prescribed control procedure that the auditor expects to find in the population An increase in the auditor's required confidence level (or conversely, a decrease in the risk that the auditor will conclude that the control risk is lower than the actual control risk in the population) An increase in the number of sampling units in the population EFECT ON SAMPLE SIZE Increase Decrease Increase Increase Negligible effect 1. The auditor's intended reliance on accounting and internal control systems. The more assurance the auditor intends to obtain from accounting and internal control systems, the lower the auditor's assessment of control risk will be, and the larger the sample size will need to be. For example, a preliminary assessment of control risk as low indicates that the auditor plans to place considerable reliance on the effective operation of particular internal controls. The auditor therefore needs to gather more audit evidence to support this assessment than would be the case if control risk were assessed at a higher level (that is, if less reliance were planned). 2. The rate of deviation from the prescribed control procedure the auditor is willing to accept (tolerable error). The lower the rate of deviation that the auditor is willing to accept, the larger the sample size needs to be. 3. The rate of deviation from the prescribed control procedure the auditor expects to find in the population (expected error). The higher the rate of deviation that the auditor expects, the larger the sample size needs to be so as to be in a position to make a reasonable estimate of the actual rate of deviation. Factors relevant to the auditor's consideration of the expected error rate include the auditor's understanding of the business (in particular, procedures undertaken to obtain an understanding of the accounting and internal control systems), changes in personnel or in the accounting and internal control systems, the results of audit procedures applied in prior periods and the results of other audit procedures. High expected error rates ordinarily warrant NSA 09/final 12

13 little, if any, reduction of control risk, and therefore in such circumstances tests of controls would ordinarily be omitted. 4. The auditor's required confidence level. The greater the degree of confidence that the auditor requires that the results of the sample are in fact indicative of the actual incidence of error in the population, the larger the sample size needs to be. 5. The number of sampling units in the population. For large populations, the actual size of the population has little, if any, effect on sample size. For small populations however, audit sampling is often not as efficient as alternative means of obtaining sufficient appropriate audit evidence. NSA 09/final 13

14 Appendix 2 Examples of Factors Influencing Sample Size for Substantive Procedures The following are factors that the auditor considers when determining the sample size for a substantive procedure. These factors need to be considered together. FACTOR An increase in the auditor's assessment of inherent risk An increase in the auditor's assessment of control risk An increase in the use of other substantive procedures directed at the same financial statement assertion An increase in the auditor's required confidence level (or conversely, a decrease in the risk that the auditor will conclude that a material errors does not exist, when in fact it does exist) An increase in the total error that the auditor is willing to accept (tolerable error) An increase in the amount of error the auditor expects to find in the population Stratification of the population when appropriate The number of sampling units in the population EFECT ON SAMPLE SIZE Increase Increase Decrease Increase Decrease Increase Decrease Negligible Effect 1. The auditor's assessment of inherent risk. The higher the auditor's assessment of inherent risk, the larger the sample size needs to be. Higher inherent risk implies that a lower detection risk is needed to reduce the audit risk to an acceptable low level, and lower detection risk can be obtained by increasing sample size. 2. The auditor's assessment of control risk. The higher the auditor's assessment of control risk, the larger the sample size needs to be. For example, an assessment of control risk as high indicates that the auditor cannot place much reliance on the effective operation of internal controls with respect to the particular financial statement assertion. Therefore, in order to reduce audit risk to an acceptably low level, the auditor needs a low detection risk and will rely more on substantive tests. The more reliance that is placed on substantive tests (that is, the lower the detection risk), the larger the sample size will need to be. 3. The use of other substantive procedures directed at the same financial statement assertion. The more the auditor is relying on other substantive procedures (tests of detail or analytical procedures) to reduce to an acceptable level the detection risk regarding a particular account balance or class of transactions, the less assurance the auditor will require from sampling and, therefore, the smaller the sample size can be. NSA 09/final 14

15 4. The auditor's required confidence level. The greater the degree of confidence that the auditor requires that the results of the sample are in fact indicative of the actual amount of error in the population, the larger the sample size needs to be. 5. The total error the auditor is willing to accept (tolerable error). The lower the total error that the auditor is willing to accept, the larger the sample size needs to be. 6. The amount of error the auditor expects to find in the population (expected error). The greater the amount of error the auditor expects to find in the population, the larger the sample size needs to be in order to make a reasonable estimate of the actual amount of error in the population. Factors relevant to the auditor's consideration of the expected error amount include the extent to which item values are determined subjectively, the results of tests of control, the results of audit procedures applied in prior periods, and the results of other substantive procedures. 7. Stratification. When there is a wide range (variability) in the monetary size of items in the population. It may be useful to group items of similar size into separate subpopulations or strata. This is referred to as stratification. When a population can be appropriately stratified, the aggregate of the sample sizes from the strata generally will be less than the sample size that would have been required to attain a given level of sampling risk, had one sample been drawn from the whole population. 8. The number of sampling units in the population. For large populations, the actual size of the population has little, if any, effect on sample size. Thus, for small populations, audit sampling is often not as efficient as alternative means of obtaining sufficient appropriate audit evidence. (However, when using monetary unit sampling, an increase in the monetary value of the population increases sample size, unless this is offset by a proportional increase in materiality.) NSA 09/final 15

16 Appendix 3 Sample Selection Methods The principal methods of selecting samples are: (a) (b) (c) (d) Use of a computerised random number generator or random number tables. Systematic selection, in which the number of sampling units in the population is divided by the sample size to give a sampling interval, for example 50, and having determined a starting point within the first 50, each 50th sampling unit thereafter is selected. Although the starting point may be determined haphazardly, the sample is more likely to be truly random if it is determined by use of a computerised random number generator or random number tables. When using systematic selection, the auditor would need to determine that sampling units within the population are not structured in such a way that the sampling interval corresponds with a particular pattern in the population. Haphazard selection, in which the auditor selects the sample without following a structured technique. Although no structured technique is used, the auditor would nonetheless avoid any conscious bias or predictability (for example avoiding difficult to locate items, or always choosing or avoiding the first or last entries on a page) and thus attempt to ensure that all items in the population have a chance of selection. Haphazard selection is not appropriate when using statistical sampling. Block selection involves selecting a block (s) of contiguous items from within the population. Block selection cannot ordinarily be used in audit sampling because most populations are structured such that items in a sequence can be expected to have similar characteristics to each other, but different characteristics from items elsewhere in the population. Although in some circumstances it may be an appropriate audit procedure to examine a block of items, it would rarely be an appropriate sample selection technique when the auditor intends to draw valid inferences about the entire population based on the sample. NSA 09/final 16